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Box No. I Basis of the report 



1 . With regard to the language, this report is based on 

M the international application in the language in which it was filed 

□ a translation of the international application into , which is the language 
of a translation furnished for the purposes of: 

□ international search (under Rules 1 2.3(a) and 23.1 (b)) 

□ publication of the international application (under Rule 12.4(a)) 

□ international preliminary examination (under Rules 55.2(a) and/or 55.3(a)) 

p With reaard to the elements* of the international application, this report is based on (replacement sheets which 
Have beVn^ur noshed to the receiving Office in response to an invitation under Article 14 are referred to in this 
report as "originally filed" and are not annexed to this report): 

Description, Pages 

^20 as originally filed 



Claims, Numbers 
1-14 



as amended (together with any statement) under Art. 19 PCT 



4. 



Drawings, Sheets 

1/10-10/10 as originally filed 

□ a sequence listing and/or any related table(s) - see Supplemental Box Relating to Sequence Listing 

□ The amendments have resulted in the cancellation of: 

□ the description, pages 

□ the claims, Nos. 

□ the drawings, sheets/figs 

□ the sequence listing (specify): 

□ any table(s) related to sequence listing (specify): 

Ixl Thi* rpnort has been established as if (some of) the amendments annexed to this report and listed below 
had S bSf rfn?e Ih^have been Considered to go beyond the disclosure as filed, as indicated ,n the 
Supplemental Box (Rule 70.2(c)). 

□ the description, pages 
M the claims, Nos. 1-14 

□ the drawings, sheets/figs 

□ the sequence listing (specify): 

□ any table(s) related to sequence listing (specify): 

* If item 4 applies, some or all of these sheets may be marked "superseded." 
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Box No V Reasoned statement under Article 35(2) with regard to novelty, inventive step 
applicability; citations and explanations supportin g such statement , : 

1. Statement 



Novelty (N) 


Yes: 


Claims 


3 




No: 


Claims 


1,2,4 


Inventive step (IS) 


Yes: 


Claims 






No: 


Claims 


1-9 


Industrial applicability (IA) 


Yes: 


Claims 


1-9 




No: 


Claims 





2. Citations and explanations (Rule 70.7): 
see separate sheet 



Box No. VII Certain defects in the international application 



The following defects in the form or contents of the international application have been noted: 
see separate sheet 



Box No. VIII Certain observations on the international application 



The following observations on the clarity of the claims, description, and drawings or on the question whether the 
claims are fully supported by the description, are made: 



see separate sheet 
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Re Item I 

Basis of the report 

The amendments filed after the International Search Report, i.e. claims 1-14 dated of 
May 25, 2005 go beyond the disclosure of the international application as filed. The 
report is therefore established as if these amendments have not been made. 

The reasons are: no basis could be found in the application as originally filed for the 

amended claims 1-14: 

e.g. for replacing "authentication server" in claim 1 by the expression "server" 
which is the general expression for all types of servers, like e.g. document server, 
content server, banking server, and not exclusively an authentication server; 
e.g. for replacing "authentication data generated based on a terminal key" in claim 
1 by "unique information", which has a more general meaning. 

Thus, the reasoned statement with regard to novelty, inventive step or industrial 
applicability is based on claims 1-9 as originally filed. 

Re Item V 

Reasoned statement with regard to novelty, inventive step or industrial 
applicability; citations and explanations supporting such statement 

1 . The following documents are referred to in the communication: 

D1 ■ US-A-5 949 877 (TRAW ET AL) 7 September 1 999 (1 999-09-07) 
D2: WO 03/096339 A (MATSUSHITA ELECTRIC INDUSTRIAL CO., LTD) 20 
November 2003 (2003-1 1-20) 

2. Claim 6 lacks novelty (Article 33(2) PCT). 

Document D1 , which is considered to represent the most relevant state of the art 
for claim 6, discloses according to the subject-matter of claim 6, insofar the 
subject-matter is clear: 

an unauthorized terminal detection method for detecting an unauthorized terminal 
in terminals that accessed the authentication server via a network, comprising: 
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receiving, from the terminal, authentication data generated based on a 
terminal key that is previously given to the terminal and a terminal ID that is 
identification information assigned to said each manufactured terminal 
(column 6, lines 31-36 in combination with column 7, lines 7-10); 

verifying authenticity of the terminal key using the received authentication data 

(column 7, lines 15-18); 

trying to search the received terminal ID based on the held predetermined terminal 
information concerning a plurality of terminal (column 7, lines 28-32); and 
determining that a terminal is an unauthorized terminal in the case where the 
authenticity of the terminal key is verified in the verifying, but a terminal ID 
different from the received terminal ID is detected (column 7, lines 28-32). 

3. Document D2 is also very pertinent with regard to the subject-matter of claim 6, 
since in D2 a problem similar to that of the present application is solved by 
checking terminal ID and driver ID, i.e. detecting an unauthorized terminal by 
checking the terminal key and the terminal ID. 

4. The above finding also applies to independent claims 1 and 8, which correspond 
to independent claim 6. Therefore, claims 1 and 8 lack novelty (article 33(2) PCT). 

5. The subject-matter of claim 5 comprises the features of claim 1 , i.e. the 
authentication server and comprises a terminal wherein the terminal includes 

a terminal information sending unit operable to send, to the authentication 
server, authentication data generated based on a terminal key that is 
previously given to the terminal and a terminal ID that is identification 
information assigned to said each manufactured terminal (column 7, lines 7- 
12). 

Since the additional features are also disclosed in D1 , claim 5 also lacks novelty 
(Article 33(2) PCT). 

6. If novelty were disputable based on minor differences of interpretation it is pointed 
out that the subject-matter of independent claims 1 , 5, 6, and 8 does not involve 
an inventive step. 

7. The additional features of the dependent claims 2-4, 7, and 9 do not add anything 
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new or inventive to the independent claims because these features are either 
known from the above-mentioned prior art D1 (e.g. the terminal key is a public 
certificate in public key encryption method; receiving a terminal ID from an 
operator) or are common measures (e.g. judges that the terminal is an 
unauthorized terminal in the case where the digital content that is accessed 
exceeding the access limit). 

Re Item VII 

Certain defects in the international application 

1 . The features of the claims are not provided with reference signs place in 
parentheses (Rule 6.2(b) PCT). 

2. Independent claims 1,5,6, and 8 are not in the two-part form in accordance with 
Rule 6.3(b) PCT, with those features known in combination from the prior art 
document D1 being placed in the preamble (Rule 6.3(b)(1) PCT) and with the 
remaining features being included in the characterising part (Rule 6.3(b)(ii) PCT). 

3. Contrary to the requirements of Rule 5. 1 (a)(ii) PCT, the relevant background art 
disclosed in documents D1 and D2 is not mentioned in the description, nor are 
these documents identified therein. 

4. The phrase "which is incorporated herein by reference in its entirety" on page 5, 
line 32 - page 6, line 1 should have been deleted as the application should be self- 
contained; such referenced documents are not regarded as part of the disclosure 
unless they contain matter essential to the invention, in which case the subject- 
matter in question would have to incorporated into the description. This is however 
not the case here (see Guidelines 4.26). 

5. The JP applications cited on page 1 , lines 29-30 and on page 5, line 31 should in 
principle have been identified by their publication number and date; however, it 
seems that this document is not yet published at the time of establishing this 
report. 

6. The vague and imprecise statements 

"... and the like" in the description on page 3, line 8; 
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"... that many modifications are possible in the exemplary embodiment 
without materially departing form the novel teachings and advantages of this 
invention, accordingly, all such modifications are intended to be included 
within the scope of the invention" in the description on page 20, lines 18-24 
imply that the subject-matter for which protection is sought may be different to that 
defined by the claims, thereby resulting in lack of clarity of the claims when used 
to interpret them (see the Guidelines 5.30). 

Re Item VIII 

Certain observations on the international application 

1 . The claims do not meet the requirements of Article 6 PCT: 

1.1 Apparatus claims 1 , 2, 3, 5, and 8 comprise method steps (e.g. detects, verifies, 
registers, judges) and are therefore not clear concerning the category. 

1 .2 an antecedent definition for the expressions 

"the digital content" used in claim 3 (page 22, line 7); 
"the access limit" used in claim 3 (page 22, line 18); 
is missing. 

1 .3 It is unclear if with the expressions 

"an unauthorized terminal" used twice in each of claims 1 (page 21 , lines 1-2 
and line 19), 5 (page 22, line 28 and page 23, line 17), 6 (page 23, lines 22- 
23 and page 24, line 2), and 8 (page 24, lines 16-17 and line 29); 
"terminals" and "a plurality of terminal" in each of claim 1 (page 22, line 4 
and lines 15-16) and claim 6 (page 24, line 17 and lines 27-28); 
"terminals" and "a plurality or terminals" in each of claim 5 (page 22, line 29 
and page 23, lines 14-15) and claim 8 (page 24, line 17 and lines 27-28); 
"a terminal information receiving unit" in claim 1 (page 21 , line 6) and "a 
receiving unit" in claim 2 (page 21 , line 26); 

"an unauthorized terminal determination unit" in claim 1 (page 21 , line 1 8) 
and "an unregistered terminal ID determination unit" in claim 2 (page 21 , line 
28); 

"the digital content" and "a digital content" in claim 3 (page 22, lines 7-8 and 
line 18); 
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"an unauthorized terminal determination unit" in claim 1 (page 21 , line 1 8) 
and "the unauthorized terminal judgement unit" in claim 3 (page 22, line 16); 
. "a terminal" in claim 1 (page 21 , line 6) and "a terminal" in claim 3 (page 22, 

line 19 ); , ~* 

. "a terminal ID" in each of claim 6 (page 23, line 27), claim 7 (page 24, lines 9 

and 13), claim 8 (page 24, line 22), and claim 9 (page 25, line 2); 
the same entity is meant or not. 

1 4 The wording "a plurality of terminal" in claim 1 (page 21 , lines 1 5-1 6) and claim 6 
(page 23, line 32 - page 24, line 1) is unclear. Here, it is assumed that meant is "a 
plurality of terminals". 
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CLAIMS 

1. (Amended) A server that detects an unauthorized terminal 
from terminals, said server comprising: 

5 a terminal information receiving unit operable to receive 

terminal information from each terminal, the terminal information 
including: one of unique information that is previously assigned to 
the terminal and authentication information that is defined based 
on the unique information; and additional identification 
10 information that is additionally assigned to the terminal; 

a terminal information holding unit operable to hold server 
terminal information including pieces of terminal information; 

a terminal information search unit operable to search the 
server terminal information held in said terminal information 
15 holding unit based on the received terminal information; and 

an unauthorized terminal judgment unit operable to judge 
that the terminal is an unauthorized terminal in the case where the 
number of different pieces of additional identification information, 
which is detected correspondingly to identical one of the unique 
20 information and the authentication information defined based on 
the unique information as a result of the search, is equal to or 
greater than a predetermined number. 

2. (Amended) The server according to Claim 1, further 

25 comprising 

a terminal verification unit operable to verify an authenticity 
of the terminal using received one of the unique information and 
the authentication information defined based on the unique 
information, 

3Q wherein the server terminal information includes: one of the 

unique information whose authenticity has been verified by said 
terminal verification unit; and the authentication information 
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defined based on the unique information. 

3. (Amended) The server according to Claim 1, 

wherein additional identification information included in 
5 terminal information received by said terminal information 
receiving unit is information concerning a user who uses the 
terminal. 

4. (Amended) The server according to Claim 1, 

10 wherein the additional identification information is 

information that an owner of the terminal inputs into the terminal. 

5. (Amended) The server according to Claim 1, 

wherein the additional identification information is an IP 
15 address of the terminal. 

6. (Amended) The server according to Claim 1, further 
comprising: 

a receiving unit operable to receive the additional 
20 identification information from an operator of said server; and 

an unregistered additional identification information 
judgment unit operable to judge whether the received additional 
identification information is registered in terminal information held 
in said terminal information search unit, 
25 wherein the terminal information search unit is further 

operable to register the additional identification information in the 
case where the authenticity of one of the unique information and 
the authentication information is verified and said unregistered 
additional identification information judgment unit judges that the 
30 additional identification information is not registered. 

7. (Amended) The server according to Claim 1, 
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wherein, the terminal is permitted to access the digital 
content related to a predetermined package content at 
predetermined times by accessing said server via the network, 
said server further comprising 
5 a history holding unit operable to hold information indicating 

history of a digital content that is accessed by the terminal in a unit 
of each terminal specified by a pair of ( i ) .one of the unique 
information and the authentication information and ( ii ) the 
additional identification information, 

10 wherein said unauthorized terminal judgment unit is further 

operable to judge that the terminal is an unauthorized terminal in 
the case where a digital content that is accessed, exceeding the 
access limit, by a terminal that has an identical ( i ) one of the 
unique information and the authentication information and ( ii ) the 

15 identical additional identification information. 

8. (Amended) The server according to Claim 7, 

wherein one of the unique information and the 
authentication information is one of a secret key in a secret key 
20 encryption method and a public key certificate in a public key 
encryption method. 

9. (Amended) A terminal connected to a server that detects an 
unauthorized terminal, said terminal comprising 

25 a terminal information transmitting unit operable to 

transmit terminal information to the server, the terminal 
information including: one of unique information that is previously 
assigned to -said terminal and authentication information that is 
defined based on the unique information; and additional 

30 identification information that is additionally assigned to said 
terminal, 

wherein the terminal information is used for searching 



server terminal information including pieces of terminal 
information held in the server, and 

the terminal information is further used forjudging that said 
terminal is an unauthorized terminal in the case where the number 
5 of different pieces of additional identification information, which is 
detected correspondingly to identical one of the unique information 
and the authentication information defined based on the unique 
information as a result of the search, is equal to or greater than a 
predetermined number. 

10 

10. (New) An unauthorized terminal detection system 
comprising a server that detects an unauthorized terminal from 
terminals and a terminal connected to said server, 
wherein said terminal includes 

15 a terminal information transmitting unit operable to 

transmit terminal information to said server, the terminal 
information including: one of unique information that is previously 
assigned to said terminal and authentication information that is 
defined based on the unique information; and additional 

20 identification information that is additionally assigned to said 
terminal, 

the server includes: . 

a terminal information receiving unit operable to receiver 
terminal information from each terminal, the terminal information 
25 including: identical one of the unique information that is previously 
assigned to said terminal and the authentication information that is 
defined based on the unique information; and the additional 
identification information that is additionally assigned to said 
terminal; 

30 a terminal information holding unit operable to hold server 

terminal information including pieces of terminal information; 

a terminal information search unit operable to search the 



server terminal information held by said terminal information 
holding unit based on the received terminal information; and 

an unauthorized terminal judgment unit operable to judge 
that the terminal is an unauthorized terminal in the case where the 
5 number of different pieces of additional identification information, 
which is detected correspondingly to identical one of the unique 
information and the authentication information defined based on 
the unique information as a result of the search, is equal to or 
greater than a predetermined number. 

10 

11. (New)' An unauthorized, terminal detection method for 
detecting an unauthorized terminal from terminals and a terminal 
connected to the server, said method comprising: 

receiving terminal information from each terminal, the 
15 terminal information including: one of unique information that is 
previously assigned to the terminal and authentication information 
that is defined based on the unique information; and additional 
identification information that is additionally assigned to said 
terminal; 

20 searching server terminal information including pieces of 

terminal information held in said server based on the received 
terminal information; and 

judging that a terminal is an unauthorized terminal in the 
case where the number of different pieces of additional 

25 identification information, which is detected correspondingly to 
identical one of the unique information and the authentication 
information defined based on the unique information as a result of 
the search, is equal to or greater than a predetermined number. 

30 12. (New) The unauthorized terminal, detection method 
according to Claim 11, further comprising: 

verifying an authenticity of the terminal using received one 
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of the unique information and the authentication information 
defined based on the unique information, 

wherein the server terminal information includes one of: the 
unique information whose authenticity has been verified in said 
5 verifying; and the authentication information defined based on the 
unique information. 

13. (New) A program for a server that detects an unauthorized 
terminal from terminals, said program causing a computer to 

10 execute: 

receiving terminal information from each terminal the 
terminal information including: one of the unique information that 
is previously assigned to the terminal and the authentication 
information that is defined based on the unique information; and 
15 additional identification information that is additionally assigned to 
said terminal; 

searching server terminal information including pieces of 
terminals information held in said server based on the received 
terminal information; and 

20 judging that a terminal is an unauthorized terminal in the 

case where the number of different pieces of additional 
identification information, which is detected correspondingly to 
identical one of the unique information and the authentication 
information defined based on the unique information as a result of 

25 the search, Is equal to or greater than a predetermined number. 

14. (New) The program according to Claim 13, further 
comprising: 

verifying an authenticity of the terminal using received one 
30 of the unique information and the authentication information 
defined based on the unique information, 

wherein, the server terminal information includes one of: 
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unique information whose authenticity has been verified in said 
verifying; and authentication information defined based on the 
unique information. 
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